NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Are the ReadNAS RR2304 subject to the current Log4j Vulnerability?
HI All,
Does anyone know if the ReadyNAS devices are susceptible to the recent Log4j vulnerability, I have 4 RR2304 NAS drives and need to be sure if they are affected or not?
This vulnerability depends on the availability of the Apache Log4j - to my knowledge it's not part of the ReadyNAS OS 6 system at all. Feel free to compare with the https://kb.netgear.com/2649/NETGEAR-Open-Source-Code-for-Programmers-GPL
4 Replies
This vulnerability depends on the availability of the Apache Log4j - to my knowledge it's not part of the ReadyNAS OS 6 system at all. Feel free to compare with the https://kb.netgear.com/2649/NETGEAR-Open-Source-Code-for-Programmers-GPL
Beyond, there is no Java on board (leaving any kind of Apps and Add-ons alone) - Log4j does not exist on it's own.
ManyThanks for that - I couldn't find any Java on there either, but just thought I'd ask a wider audience with better knowledge of these devices than I have.
mickey_D wrote:
ManyThanks for that - I couldn't find any Java on there either, but just thought I'd ask a wider audience with better knowledge of these devices than I have.
Here is Netgear's statement on Log4j: https://community.netgear.com/t5/Smart-Plus-and-Smart-Pro-Managed/Has-Netgear-GS748TS-been-affected-by-Log4J/m-p/2173582#M19998
Of course it is possible for a user to manually install software on the NAS that has this vulnerability.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
